Leading Enterprise Organizations Have Established a Dedicated Network Security Group

When an enterprise organization wanted to buy network security equipment a few years ago, there was a pretty clear division of labor. The security team defined the requirements and the networking team purchased and operated equipment. In other words, the lines were divided. The security team could describe what was needed but didn’t dare tell the networking team what to buy or get involved with day-to-day care and feeding related to “networking” matters.

This “us-and-them” mentality appears to be legacy behavior. According to ESG research on network security trends, 47% of enterprise organizations now claim that they have a dedicated group in charge of all aspects of network security. Additionally, network security is done cooperatively by networking and security teams at 26% of organizations today but these firms insist that they are in the process of creating a dedicated network security group to supplant their current division of labor.


HP Acquires Eucalyptus

HP announced on September 11, 2014 that they had entered into an agreement to acquire Eucalyptus. Eucalyptus is a vendor of private IaaS services. Eucalyptus is a startup with fewer than 100 employees and around $55 million in venture funding. Eucalyptus doesn’t have an application development and deployment (AD&D) play but could certainly provide the foundation for a private PaaS. HP, despite their unusual acquisition of Mercury Interactive back in 2006, is otherwise not in the AD&D business. However, Eucalyptus does put HP a partnership or acquisition away from PaaS, so let’s look at the potential motivation of the deal.

The Eucalyptus acquisition is about helping HP customers gain better leverage from their investments. Eucalyptus is a way to show material value to HP’s installed base of server, storage, and networking customers and show that HP can be forward-looking. This is also a low-risk acquisition for HP for two reasons. First, the acquisition didn’t cost HP that much (less than $100 million, it is rumored) and second, the Eucalyptus technology will help build out HP’s Helion brand, which will enhance its private IaaS appeal.


3 Questions that Will Tell You If You Are Overpaying for Storage

When evaluating potential storage vendors and solutions, one method I have seen quite often is the feature compare. You might be familiar with this process. A listing of all of a product’s features and functionality is created, side by side against the competing alternatives. Typically the offering with the most check marks is deemed the best and then, budget willing, it finds itself inside your data center.


Enterprise Organizations Need Formal Incident Response Programs

I spent the early part of my IT career in the storage industry, mostly with EMC Corporation. Back then, large storage subsystems were equated with IBM mainframe computers, with a heavy emphasis on the financial services market.


Anticipating Black Hat

RSA 2014 seems like ancient history and the 2015 event isn’t until next April. No worries, however, the industry is set to gather in the Las Vegas heat next week for cocktails, sushi bars, and oh yeah – Black Hat.

Now Black Hat is an interesting blend of constituents consisting of government gumshoes, Sand Hill Rd. Merlot drinking VCs, cybersecurity business wonks, “beautiful mind” academics, and tattooed hackers – my kind of crowd! As such, we aren’t likely to hear much about NIST frameworks, GRC, or CISO strategies. Alternatively, I am looking forward to deep discussions on:

  • Advanced malware tactics. Some of my favorite cybersecurity researchers will be in town to describe what they are seeing “in the wild.” These discussions are extremely informative and scary at the same time. This is where industry analysts like me learn about the latest evasion techniques, man-in-the-browser attacks, and whether mobile malware will really impact enterprise organizations.
  • The anatomy of various security breaches. Breaches at organizations like the New York Times, Nordstrom, Target, and the Wall Street Journal receive lots of media attention, but the actual details of attacks like these are far too technical for business publications or media outlets like CNN and Fox News. These “kill chain” details are exactly what we industry insiders crave as they provide play-by-play commentary about the cybersecurity cat-and-mouse game we live in.
  • Threat intelligence. All of the leading infosec vendors (i.e., Blue Coat, Cisco, Check Point, HP, IBM, Juniper, McAfee, RSA, Symantec, Trend Micro, Webroot, etc.) have been offering threat intelligence for years, yet threat intelligence will be one of the major highlights at Black Hat. Why? Because not all security and/or threat intelligence is created equally. Newer players like BitSight, Crowdstrike, iSight Partners, Norse, RiskIQ, and Vorstack are slicing and dicing threat intelligence and customizing it for specific industries and use cases. Other vendors like Fortinet and Palo Alto Networks are actively sharing threat intelligence and encouraging other security insiders to join. Finally, there is a global hue and cry for intelligence sharing that includes industry standards (i.e. CybOX, STIX, TAXII, etc.) and even pending legislation. All of these things should create an interesting discourse.
  • Big data security analytics. This is an area I follow closely that is changing on a daily basis. It’s also an interesting community of vendors. Some (i.e., 21CT, ISC8, Leidos, Lockheed-Martin, Norse, Palantir, Raytheon, etc.), come from the post 9/11 “total information access” world, while others (Click Security, HP, IBM, Lancope, LogRhythm, RSA, etc.) are firmly rooted in the infosec industry. I look forward to a lively discussion about geeky topics like algorithms, machine learning, and visual analytics.

Is Cisco Back (as an Enterprise Security Leader)?

It wasn’t too long ago that Cisco was a dominant force in information security technology. The company was a market leader in firewalls, IDS/IPS, and e-mail security and was actively pushing products for endpoint security and SIEM as well as security “blades” for Catalyst switches. Heck, Cisco even articulated a bold vision of “self-defending networks” with security policy, enforcement, and intelligence all baked into the network.

Somewhere around 2008, however, Cisco security went into a prolonged slump. Cisco security products didn’t offer the performance of rivals like Crossbeam (now Blue Coat), Juniper, or McAfee. Cisco missed markets like next-generation firewalls, opening the door for savvy startups like FireEye, Palo Alto Networks, and Stonesoft. Cisco products such as the Cisco Security Agent (Okena) and MARS (Protego) were abject failures and discontinued by the company. Finally, Cisco’s security team itself imploded as management and engineering leaders fled San Jose for greener valley pastures.


The Emerging Cybersecurity Software Architecture

It’s been a busy week for the information cybersecurity industry. FireEye announced the acquisition of nPulse, which adds network forensics to its advanced malware detection/response portfolio. IBM chimed in with a new Threat Prevention System that includes an endpoint security client, threat intelligence feeds, and integration with its network security and analytics platforms. Finally, Symantec unveiled its Advanced Threat Protection strategy that combines existing products, future deliverables, and services.

It’s no coincidence that these three infosec security leaders are moving in this direction as the whole industry is on the same path. I’ve written about this trend a few times. I wrote a blog about the integrated anti-malware technology model in March, and this one in April about the new cybersecurity technology reality. Other vendors such as Blue Coat, Cisco, McAfee, Palo Alto Networks, and Trend Micro are also on board.


Video Blog: HP’s XP7 High-end Storage System

Last week I was able to spend a day with HP and a group of its key, large customers as they attended the “XP7 Intensity” event. Following on from the week-prior announcement of the XP7 – HP’s highest-end storage platform for traditional and heterogeneous workloads – this was an opportunity for the users to have an in-depth exposure to the capabilities, engineers, workload-focus, and roadmaps for this uber-capable system. In addressing this group about the overall market situation I will admit a certain enjoyment from being in a group where “mainframe” was still a highly relevant term…and yet simultaneously it served as a reminder of just how similar the basic issues, needs, challenges, and opportunities are across IT - however it is performed - and how thoroughly efficient, capable, and of course mission-critical, these “traditional” deployments can be. I captured some thoughts of mine as well as comments from Kyle Fitze of HP, in this ~3 minute video.


Advanced Malware Detection and Response and Other Cybersecurity Services on the Rise

Think about all of the cybersecurity industry activity with advanced malware detection and response and what comes to mind? Most people would probably focus on technology vendors like Bromium, Cylance, Damballa, FireEye, and Palo Alto Networks since these firms have garnered headlines, raised vast fortunes of VC funding, and even pushed through successful IPOs.


CISOs Must “Think Different”

Remember the “Think Different” advertising campaign from Apple? It ran from 1997 to 2000 and featured bigger-than-life personalities like Buckminster Fuller, Martin Luther King, and Pablo Picasso.

The “Think Different” ads coincided with Steve Jobs’s return to Apple as well as his somewhat contrarian and analytical mindset. In a PBS interview, Jobs offered this philosophical insight about life:
